How to map/configure 2 mail servers behind a firewall on the same lan/subnet

I have a firewall which has 2 mail server's public smtp and pop ips mapped to internal ips  via NAT one-to-one translation on ports 25 and port 110.
Example :
               Mail Server 1
               smtp.abc.com ( 66.92.81.1) map on (port 25) to 192.168.100.5                          
               pop.abc.com ( 66.92.81.2) map on  (port 110) to 192.168.100.6

               Mail Server 2
               smtp.xyz.com  ( 66.92.81.3) map on (port 25) to 192.168.100.10
               pop.xyz.com  ( 66.92.81.4) map on (port 110) to 192.168.100.11

The problem is if I turn both smtp servers on , 1 or the other emails does not work

How how should I map/configure the 2 mail servers or similar ports behind a firewall on the same lan/subnet ?
Whats the right way to do this?
texter777Asked:
Who is Participating?
 
Computer101Connect With a Mentor Commented:
PAQed with points refunded (100)

Computer101
EE Admin
0
 
lrmooreCommented:
They should work fine just as they are.
What kind of firewall do you have? Perhaps there is something not configured correctly in it?
0
 
texter777Author Commented:
sonicwall pro 2040.

Mapping one-to-one nat translation.

Rules
---------------
a) Allow  *   192.168.100.5 (LAN) Retrieve E-Mail (POP3)   [exchange server]
b) Allow  * 192.168.100.6 (LAN) Send E-Mail (SMTP)   [gfi mail essentials relay]

c)  Allow  *  192.168.100.10 (LAN) Retrieve E-Mail (POP3)  [mailserver2]
d)  Allow  *  192.168.100.10 (LAN) Send E-Mail (SMTP)  [mailserver2]

e) Allow  *  192.168.100.5 (LAN) Web (HTTP) Allow  [mailserver1]
++For webmail access
f)  Allow  *  192.168.100.10 (LAN) Web (HTTP) Allow  [mailserver2]
++for webmail access
0
 
dlmarioCommented:
Hi texter777,

there schould no problem using multiple SMTP, POP or IMAP servers in the same subnet. Are you sure you are using 4 IP addresse where you are doing NAT from? Why do you NAT your Network, when you have four external addresses?

For me it seems like you are using one external IP (a DSL for example) and doing NAT from this IP to your private subnet, isnĀ“t it?

If not, it should be a setting on your router. Is it possible to do a tcpdump on the mailservers? Are you using linux machines?

However, theoretical there can not be a problem using more than one mailserver in a network segment - providers are doing the same ;-)

/Mario
0
 
texter777Author Commented:
Guys,
Thanks for your input.
Mario ,
Avoiding external addresess (dual nics) or DMZ , by using one-to-one NAT.
This method has its con side too, but since we have a kickass hardware firewall ,
have chosen to go with one-to-one NAT mapping.

I think Ive found the problem.
Interesting indeed....
The 2 nd mail server SMTP was bound ONLY ON the LAN IP address 192.168.100.10
and not on "All Addresses" .

This excluded the local loop (127.0.0.1),which made it unable for the SMTP to natively transfer the email to the POP3 mailboxes/service.

Hence I wasnt seeing the mail in my pop3 box.

Peace.
Texter

0
All Courses

From novice to tech pro — start learning today.